Re: Debian Investigation Report after Server Compromises
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thu, Dec 04, 2003 at 12:40:42PM +0800, csj wrote:
> Now I'm curious: is it possible to get rooted while on dialup?
Yes. However, being on dialup adds some additional difficulties for
an attacker:
1) Most dialup systems have big, dynamic pools with IPs assigned
randomly, or a bunch of lines on the same phone number and each
modem is assigned an IP. So it's unpredictable what IP any
particular system will actually get for a particular connection,
other than it being within a certain range.
2) Most bandwidth you're going to get out of it is about 37kb/sec.
3) User is likely saturating that link.
Note this might not slow down a really, really determined individual.
> I'm thinking of a user with access to a slow but dirt cheap
> dialup connection and so is online for significant stretches,
> say, eight hours.
If your computer can communicate externally through it, there's always
the possibility that it can be compromised through it. User I/O,
data from external media, network connections, dialup connections,
etc. is what I mean by external communication. Everything after that
is playing the numbers and betting it all every time.
With any network connection, you should follow some basic rules.
Don't leave services you don't use installed. Don't run daemons
intended only for local use on the external interface.
Someone else here might have some good URL's handy; also try Google.
- --
.''`. Paul Johnson <baloo@ursine.ca>
: :' :
`. `'` proud Debian admin and user
`- Debian - when you have better things to do than fix a system
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQE/z4OgUzgNqloQMwcRAkX5AKDGHjjs2GizbyB5J7YhZcvjsIrBfgCgibEo
+nRnbdTXYcxqSIXUVk6Y8I8=
=hZid
-----END PGP SIGNATURE-----
Reply to: